<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: password_double_opt.php 443 2014-01-19 11:58:54Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 443 $
* 	zuletzt geaendert von:	$Author: siekiera $
* 	Datum:					$Date: 2014-01-19 11:58:54 +0000 (Sun, 19 Jan 2014) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */
// Bootstrap for the "password forgotten" (double opt-in) page.
// The include order below is load-bearing: every later statement relies on
// constants and objects that these files are expected to set up.

// NOTE(review): presumably switches off the left box column for this page;
// it is defined before application_top.php is loaded - confirm where it is read.
define('GLOBAL_COLUMN_LEFT', '0');
// NOTE(review): presumably provides $db, the session, $breadcrumb, $message_stack
// and the DIR_*/TABLE_*/FILENAME_* constants used below - none are defined in this file.
require ('includes/application_top.php');

$smarty = new Smarty();

require (DIR_FS_CATALOG.'templates/'.CURRENT_TEMPLATE.'/source/boxes.php');

// Helpers for the reset flow. random_charcode() and encrypt_password() are
// called further down; no call that obviously belongs to
// inc.validate_password.php is visible in this file.
require_once(DIR_FS_INC.'inc.random_charcode.php');
require_once(DIR_FS_INC.'inc.encrypt_password.php');
require_once(DIR_FS_INC.'inc.validate_password.php');

// Default view: the request form (e-mail address + CAPTCHA). The two action
// handlers below overwrite $case / $info_message when they run.
$case = 'double_opt';
$info_message = TEXT_PASSWORD_FORGOTTEN;
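/*
 * Step 1 of the password reset ("first opt-in").
 *
 * Reads $_POST['email'] and $_POST['security_code'], checks the CAPTCHA answer
 * against $_SESSION['security_code_double_opt'], and - when the address
 * belongs to a customer - stores a fresh 32-character request key in
 * password_request_key and mails a verification link carrying that key.
 *
 * Sets $case / $info_message for the renderer further down:
 *   'code_error'   CAPTCHA answer missing or wrong
 *   'wrong_mail'   no customer with that address
 *   'first_opt_in' verification mail sent
 */
if (isset($_GET['action']) && ($_GET['action'] == 'first_opt_in')) {

	// Untrusted request data: accept plain strings only, so an array-valued
	// parameter (email[]=...) never reaches the comparison or the query.
	$posted_email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
	$posted_code = (isset($_POST['security_code']) && is_string($_POST['security_code'])) ? $_POST['security_code'] : '';
	$expected_code = isset($_SESSION['security_code_double_opt']) ? (string) $_SESSION['security_code_double_opt'] : '';

	// Strict comparison against a non-empty expected code. A loose `==` would
	// treat "no code in the session" and "no code submitted" as equal, which
	// lets a request that never loaded the CAPTCHA pass the check.
	if ($expected_code !== '' && $posted_code === $expected_code) {

		// The code is single-use: drop it before doing any further work.
		unset($_SESSION['security_code_double_opt']);
		unset($_SESSION['captcha']);

		$customer_found = false;
		if ($posted_email !== '') {
			// NOTE(review): addslashes() is a stop-gap that keeps the posted address
			// from terminating the SQL string literal. The DB layer's own escaping
			// or bound parameters are the proper fix; that API is not visible in
			// this file. If application_top.php already escapes request data,
			// remove the call here to avoid double escaping.
			$check_customer = $db->db_query("SELECT 
												customers_email_address, 
												customers_id 
											FROM 
												".TABLE_CUSTOMERS." 
											WHERE 
												customers_email_address = '".addslashes($posted_email)."'");
			$customer_found = (bool) $check_customer->_numOfRows;
		}

		if (!$customer_found) {
			// NOTE(review): a distinct "unknown address" answer tells the requester
			// whether an address is registered. Showing the same confirmation in
			// both cases would close that enumeration channel.
			$case = 'wrong_mail';
			$info_message = TEXT_EMAIL_ERROR;

		} else {
			$case = 'first_opt_in';

			$customer_id = (int) $check_customer->fields['customers_id'];
			$vlcode = random_charcode(32);

			// NOTE(review): the key is stored without a timestamp, so it stays
			// valid until it is used or replaced - consider an expiry.
			$db->db_query("UPDATE ".TABLE_CUSTOMERS." SET password_request_key = '".$vlcode."' WHERE customers_id = '".$customer_id."'");

			// The link carries the reset key, so it is built as an 'SSL' link
			// (like the login redirect after verification) to keep the key out
			// of clear-text HTTP.
			$link = href_link(FILENAME_PASSWORD_DOUBLE_OPT, 'action=verified&customers_id='.$customer_id.'&key='.$vlcode, 'SSL');

			$smarty->assign('EMAIL', $check_customer->fields['customers_email_address']);
			$smarty->assign('LINK', $link);

			// The mail body is rendered only once the request is known to be valid.
			$smarty->caching = false;
			// presumably supplies $signatur_html / $signatur_text - verify in the include
			require_once (DIR_FS_INC.'inc.get_mail_body.php');
			$html_mail = $smarty->fetch('html:password_verification');
			$html_mail .= $signatur_html;
			$txt_mail = $smarty->fetch('txt:password_verification');
			$txt_mail .= $signatur_text;
			require_once (DIR_FS_INC.'inc.get_mail_data.php');
			$mail_data = get_mail_data('password_verification');

			php_mail($mail_data['EMAIL_ADDRESS'],
						$mail_data['EMAIL_ADDRESS_NAME'],
						$check_customer->fields['customers_email_address'],
						'',
						'',
						$mail_data['EMAIL_REPLAY_ADDRESS'],
						$mail_data['EMAIL_REPLAY_ADDRESS_NAME'],
						'',
						'',
						$mail_data['EMAIL_SUBJECT'],
						$html_mail,
						$txt_mail);
		}

	} else {
		$case = 'code_error';
		$info_message = TEXT_CODE_ERROR;
	}
}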

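/*
 * Step 2 of the password reset ("verified"): the customer followed the link
 * from the verification mail.
 *
 * Reads $_GET['customers_id'] and $_GET['key']. When the key equals the
 * customer's stored password_request_key, a new random password is set, the
 * key is cleared, the new password is mailed and the visitor is redirected to
 * the login page. Otherwise $case becomes 'no_account'.
 */
if (isset ($_GET['action']) && ($_GET['action'] == 'verified')) {

	// Untrusted request data: the id is reduced to an integer and the key is
	// accepted only as a plain string.
	$request_id = (isset($_GET['customers_id']) && is_scalar($_GET['customers_id'])) ? (int) $_GET['customers_id'] : 0;
	$request_key = (isset($_GET['key']) && is_string($_GET['key'])) ? $_GET['key'] : '';

	$key_matches = false;
	if ($request_key !== '') {
		// Only the integer id goes into the query; the supplied key is never
		// concatenated into SQL and is compared in PHP instead.
		$check_customer = $db->db_query("SELECT 
												customers_id, 
												customers_email_address, 
												password_request_key 
											FROM 
												".TABLE_CUSTOMERS." 
											WHERE 
												customers_id = '".$request_id."'");

		if ($check_customer->_numOfRows) {
			$stored_key = (string) $check_customer->fields['password_request_key'];
			// An empty stored key means no reset is pending and must never match.
			if ($stored_key !== '') {
				// Timing-safe comparison where the runtime provides hash_equals().
				$key_matches = function_exists('hash_equals')
					? hash_equals($stored_key, $request_key)
					: ($stored_key === $request_key);
			}
		}
	}

	if (!$key_matches) {
		$case = 'no_account';
		$info_message = TEXT_NO_ACCOUNT;

	} else {
		// NOTE(review): the strength of create_random_value() is not visible here;
		// it should draw from a CSPRNG because its output becomes a credential.
		$newpass = create_random_value(12);
		$crypted_password = encrypt_password($newpass);

		// Values read back from the database are escaped as well, so a stored
		// address containing a quote cannot break out of the statement.
		// NOTE(review): addslashes() is a stop-gap - prefer the DB layer's own
		// escaping or bound parameters (that API is not visible in this file).
		$db->db_query("UPDATE 
							".TABLE_CUSTOMERS." 
						SET 
							customers_password = '".addslashes($crypted_password)."',
							password_request_key = ''
						WHERE 
							customers_email_address = '".addslashes($check_customer->fields['customers_email_address'])."'");

		$smarty->assign('EMAIL', $check_customer->fields['customers_email_address']);
		$smarty->assign('NEW_PASSWORD', $newpass);

		// NOTE(review): the new password leaves the shop in clear text inside the
		// mail. Letting the customer choose a password on a key-protected form
		// would avoid a long-lived secret in the mailbox.
		$smarty->caching = false;
		// presumably supplies $signatur_html / $signatur_text - verify in the include
		require_once (DIR_FS_INC.'inc.get_mail_body.php');
		$html_mail = $smarty->fetch('html:new_password');
		$html_mail .= $signatur_html;
		$txt_mail = $smarty->fetch('txt:new_password');
		$txt_mail .= $signatur_text;
		require_once (DIR_FS_INC.'inc.get_mail_data.php');
		$mail_data = get_mail_data('new_password');

		php_mail($mail_data['EMAIL_ADDRESS'],
					$mail_data['EMAIL_ADDRESS_NAME'],
					$check_customer->fields['customers_email_address'],
					'',
					'',
					$mail_data['EMAIL_REPLAY_ADDRESS'],
					$mail_data['EMAIL_REPLAY_ADDRESS_NAME'],
					'',
					'',
					$mail_data['EMAIL_SUBJECT'],
					$html_mail,
					$txt_mail);

		$message_stack->add_session(TEXT_PASSWORD_SENT, 'success', 'true');
		redirect(href_link(FILENAME_LOGIN, '', 'SSL'));
	}
}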

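/*
 * Rendering: picks the template for the outcome in $case and prints the page.
 *
 *   'double_opt'                 request form (default view)
 *   'code_error' / 'wrong_mail'  request form again, with an error message
 *   'first_opt_in'               "verification mail sent" notice
 *   'second_opt_in', 'no_account' plain message page
 *
 * 'second_opt_in' is never assigned to $case in this file.
 */
$breadcrumb->add(NAVBAR_TITLE_PASSWORD_DOUBLE_OPT, href_link(FILENAME_PASSWORD_DOUBLE_OPT, '', 'NONSSL'));

require (DIR_WS_INCLUDES.'header.php');

// The default view is reached by a plain GET, where $_POST['email'] does not
// exist; only a posted string is echoed back into the form.
// NOTE(review): confirm that draw_input_field() HTML-escapes its value
// argument - the posted address is reflected into the page and the helper is
// not visible in this file.
$email_prefill = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

// Keeps the final assign defined even if $case holds an unexpected value.
$main_content = '';

// NOTE(review): the request form posts the e-mail address and the CAPTCHA
// answer to a 'NONSSL' URL. Moving the form action to 'SSL' first needs a
// check that the CAPTCHA session survives the scheme switch.
switch ($case) {
	case 'first_opt_in' :
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		// The notice shown here is always the "link sent" text; assigning
		// $info_message first would only be overwritten.
		$smarty->assign('info_message', TEXT_LINK_MAIL_SENDED);
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = false;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_messages.html');
		break;
		
	case 'second_opt_in' :
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('info_message', $info_message);
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = false;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_messages.html');
		break;
		
	case 'code_error' :
		$captcha_site = '_double_opt';
		include('captcha.php');
		$smarty->assign('VVIMG', '<img src="captcha.php?show=true&name=double_opt" alt="Captcha" />');
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('info_message', $info_message);
		$smarty->assign('message', TEXT_PASSWORD_FORGOTTEN);
		$smarty->assign('SHOP_NAME', STORE_NAME);
		$smarty->assign('FORM_ACTION', draw_form('sign', href_link(FILENAME_PASSWORD_DOUBLE_OPT, 'action=first_opt_in', 'NONSSL')));
		$smarty->assign('INPUT_EMAIL', draw_input_field('email', $email_prefill));
		$smarty->assign('INPUT_CODE', draw_input_field('security_code', '', 'size="6" maxlength="6"', 'text', false));
		$smarty->assign('BUTTON_SEND', image_submit('button_send.gif', IMAGE_BUTTON_SEND));
		// Same template as the default view, so the closing tag is assigned
		// here too; presumably the template prints FORM_END - verify.
		$smarty->assign('FORM_END', '</form>');
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = false;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_double_opt_in.html');
		break;
		
	case 'wrong_mail' :
		$captcha_site = '_double_opt';
		include('captcha.php');
		$smarty->assign('VVIMG', '<img src="captcha.php?show=true&name=double_opt" alt="Captcha">');
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('info_message', $info_message);
		$smarty->assign('message', TEXT_PASSWORD_FORGOTTEN);
		$smarty->assign('SHOP_NAME', STORE_NAME);
		$smarty->assign('FORM_ACTION', draw_form('sign', href_link(FILENAME_PASSWORD_DOUBLE_OPT, 'action=first_opt_in', 'NONSSL')));
		$smarty->assign('INPUT_EMAIL', draw_input_field('email', $email_prefill));
		$smarty->assign('INPUT_CODE', draw_input_field('security_code', '', 'size="6" maxlength="6"', 'text', false));
		$smarty->assign('BUTTON_SEND', image_submit('button_send.gif', IMAGE_BUTTON_SEND));
		// Same template as the default view, so the closing tag is assigned
		// here too; presumably the template prints FORM_END - verify.
		$smarty->assign('FORM_END', '</form>');
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = false;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_double_opt_in.html');
		break;
		
	case 'no_account' :
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('info_message', $info_message);
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = false;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_messages.html');
		break;
		
	case 'double_opt' :
		$captcha_site = '_double_opt';
		include('captcha.php');
		$smarty->assign('VVIMG', '<img src="captcha.php?show=true&name=double_opt" alt="Captcha">');
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('message', TEXT_PASSWORD_FORGOTTEN);
		$smarty->assign('SHOP_NAME', STORE_NAME);
		$smarty->assign('FORM_ACTION', draw_form('sign', href_link(FILENAME_PASSWORD_DOUBLE_OPT, 'action=first_opt_in', 'NONSSL')));
		$smarty->assign('INPUT_EMAIL', draw_input_field('email', $email_prefill));
		$smarty->assign('INPUT_CODE', draw_input_field('security_code', '', 'class="w35"', 'text', false));
		$smarty->assign('BUTTON_SEND', image_submit('button_continue.gif', IMAGE_BUTTON_SEND));
		$smarty->assign('FORM_END', '</form>');
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = false;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_double_opt_in.html');
		break;
}

// Wrap the rendered module in the shop's index template and send the page.
$smarty->assign('main_content', $main_content);
$smarty->assign('language', $_SESSION['language']);
$smarty->caching = false;
$smarty->loadFilter('output', 'note');
$smarty->loadFilter('output','trimwhitespace');
$smarty->display(CURRENT_TEMPLATE.'/index.html');
include ('includes/application_bottom.php');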